Navigation

This module includes various helpers that fix bugs in web servers. They may
be necessary for some versions of a buggy web server but not others. We try
to stay updated with the status of the bugs as good as possible but you have
to make sure whether they fix the problem you encounter.

If you notice bugs in webservers not fixed in this module consider
contributing a patch.

On windows environment variables are limited to the system charset
which makes it impossible to store the PATH_INFO variable in the
environment without loss of information on some systems.

This is for example a problem for CGI scripts on a Windows Apache.

This fixer works by recreating the PATH_INFO from REQUEST_URI,
REQUEST_URL, or UNENCODED_URL (whatever is available). Thus the
fix can only be applied if the webserver supports either of these
variables.

This middleware can be applied to add HTTP proxy support to an
application that was not designed with HTTP proxies in mind. It
sets REMOTE_ADDR, HTTP_HOST from X-Forwarded headers. While
Werkzeug-based applications already can use
werkzeug.wsgi.get_host() to retrieve the current host even if
behind proxy setups, this middleware can be used for applications which
access the WSGI environment directly.

If you have more than one proxy server in front of your app, set
num_proxies accordingly.

Do not use this middleware in non-proxy setups for security reasons.

The original values of REMOTE_ADDR and HTTP_HOST are stored in
the WSGI environment as werkzeug.proxy_fix.orig_remote_addr and
werkzeug.proxy_fix.orig_http_host.

This middleware can remove response headers and add others. This
is for example useful to remove the Date header from responses if you
are using a server that adds that header, no matter if it’s present or
not or to add X-Powered-By headers: